suisec
Sui Secure - Pre-simulate transactions via sui client call --dry-run and sui client ptb --dry-run, compare results against user intent to detect malicious contract behavior. Only execute if intent matches; block otherwise.
Why use this skill?
Secure your Sui transactions with suisec. Automate dry-runs for PTB and client calls to detect malicious smart contract behavior and prevent asset loss before execution.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/k66inthesky/suisec
What This Skill Does
Sui Secure (suisec) acts as an intelligent, automated security gatekeeper for your Sui blockchain interactions. It prevents malicious contract behavior by inserting a mandatory verification layer between your commands and the live blockchain. By intercepting sui client ptb and sui client call commands, the skill performs a simulation (dry-run) to inspect the transaction's potential impact. It parses balance changes, object mutations, and gas consumption to ensure they align precisely with your declared intent. If a discrepancy is detected or a potential threat is identified, the agent blocks execution entirely, preventing the loss of assets or unwanted contract interactions.
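The comparison step described above, sketched as an added example (this is not the skill's own main.py). It assumes the dry-run JSON carries effects.status, effects.gasUsed and balanceChanges fields shaped like Sui's JSON-RPC dry-run response, and that the sender's SUI balance change already includes gas; the addresses, coin type, the intent dictionary and the audit/gate names are constructed for illustration.

```python
SUI = "0x2::sui::SUI"
OTHER = "0xc0ffee::token::TOKEN"   # constructed coin type
SENDER = "0x" + "a1" * 32          # constructed addresses
RECIPIENT = "0x" + "b2" * 32

# Constructed dry-run result: a declared 10 SUI transfer that also drains TOKEN.
SAMPLE = {
    "effects": {"status": {"status": "success"},
                "gasUsed": {"computationCost": "1000000", "storageCost": "1976000",
                            "storageRebate": "978120"}},
    "balanceChanges": [
        {"owner": {"AddressOwner": SENDER}, "coinType": SUI, "amount": "-10001997880"},
        {"owner": {"AddressOwner": RECIPIENT}, "coinType": SUI, "amount": "10000000000"},
        {"owner": {"AddressOwner": SENDER}, "coinType": OTHER, "amount": "-500000000"},
    ],
}

def audit(dry_run, sender, intent):
    """Return a list of findings; an empty list means the simulation matches intent."""
    findings = []
    effects = dry_run.get("effects", {})
    if effects.get("status", {}).get("status") != "success":
        findings.append("dry-run did not succeed")
    gas = effects.get("gasUsed", {})
    net_gas = (int(gas.get("computationCost", 0)) + int(gas.get("storageCost", 0))
               - int(gas.get("storageRebate", 0)))
    if net_gas > intent["max_gas"]:
        findings.append(f"gas {net_gas} MIST exceeds cap {intent['max_gas']}")
    # Assumption: the sender's SUI balance change already includes gas,
    # so the SUI allowance is the declared amount plus the simulated gas.
    allowed = dict(intent["max_outflow"])
    allowed[SUI] = allowed.get(SUI, 0) + max(net_gas, 0)
    for change in dry_run.get("balanceChanges", []):
        owner = change.get("owner")
        if not isinstance(owner, dict) or owner.get("AddressOwner") != sender:
            continue  # only the sender's own balances are checked here
        loss = -int(change["amount"])
        if loss > allowed.get(change["coinType"], 0):
            findings.append(f"undeclared outflow: {loss} of {change['coinType']}")
    return findings

def gate(dry_run, sender, intent):
    """Fail closed: execute only when the audit returns no findings."""
    return "EXECUTE" if not audit(dry_run, sender, intent) else "BLOCK"
```

Amounts are in MIST (1 SUI = 1,000,000,000 MIST), so the 0.01 SUI gas limit from the example prompts becomes max_gas = 10_000_000.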
Installation
To integrate this security layer into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/k66inthesky/suisec
Ensure you have the Sui CLI tools configured and the main.py auditor script accessible within the skill directory to enable automated auditing capabilities for Programmable Transaction Blocks (PTB).
Use Cases
- Safe DeFi Swaps: Verify that a swap contract actually exchanges your tokens for the intended amount before signing.
- NFT Minting Security: Ensure that minting a new asset doesn't trigger unexpected calls to unauthorized addresses.
- Automated Audit Trails: Maintain a log of transaction simulations to identify patterns in potentially malicious DApps.
- Asset Management: Prevent accidental transfers of SUI or objects to drainer contracts that masquerade as legitimate services.
Example Prompts
- "OpenClaw, I want to transfer 10 SUI to 0xABC... Run suisec and verify this transaction before execution."
- "Execute this PTB for the DEX swap: [paste command]. Use suisec to ensure the gas cost stays below 0.01 SUI."
- "Mint this NFT using the provided PTB. Check for any unexpected balance changes using suisec and block if the object mutation isn't authorized."
Tips & Limitations
For the best results, always be as descriptive as possible when declaring your intent to OpenClaw. The more specific your user expectation, the more granular the comparison against the simulation results can be. Note that the automated main.py auditing tool currently focuses primarily on sui client ptb. When executing sui client call, the skill defaults to a manual review mode, requiring you to interpret the dry-run results alongside the agent. Always double-check outputs if the system flags a potential threat, and only override blocks if you have verified the contract source code yourself.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-k66inthesky-suisec": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: network-access, file-read, code-execution